Saturday, March 6, 2021

Microsoft IOC Detection Tool for Exchange Server Vulnerabilities

Original release date: March 6, 2021

Microsoft has released an updated script that scans Exchange log files for indicators of compromise (IOCs) associated with the vulnerabilities disclosed on March 2, 2021.

CISA is aware of widespread domestic and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script—as soon as possible—to help determine whether their systems are compromised. For additional information on the script, see Microsoft’s blog HAFNIUM targeting Exchange Servers with 0-day exploits.

For more information about these vulnerabilities and how to defend against their exploitation, see:

This product is provided subject to this Notification and this Privacy & Use policy.

Posted at https://sl.advdat.com/3blFiqg

Friday, March 5, 2021

Microsoft Releases Alternative Mitigations for Exchange Server Vulnerabilities

Original release date: March 5, 2021

Microsoft has released alternative mitigation techniques for Exchange Server customers who are not able to immediately apply updates that address vulnerabilities disclosed on March 2, 2021.

CISA and Microsoft encourages organizations to upgrade their on-premises Exchange environments to the latest supported version. If an organization is unable to immediately apply the updates, CISA strongly recommends they apply the alternative mitigations found in Microsoft’s blog on Exchange Server Vulnerabilities Mitigations in the interim.

For more information about these vulnerabilities, see:

 

 

This product is provided subject to this Notification and this Privacy & Use policy.

Posted at https://sl.advdat.com/3l16Ep3

Thursday, March 4, 2021

Update to Alert on Mitigating Microsoft Exchange Server Vulnerabilities

Original release date: March 4, 2021

CISA is aware of threat actors using open source tools to search for vulnerable Microsoft Exchange Servers and advises entities to investigate for signs of a compromise from at least September 1, 2020. CISA has updated the Alert on the Microsoft Exchange server vulnerabilities with additional detailed mitigations. 
 
CISA encourages administrators to review the updated Alert and the Microsoft Security Update and apply the necessary updates as soon as possible or disconnect vulnerable Exchange servers from the internet until the necessary patch is made available.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted at https://sl.advdat.com/388F4k8

Creative Learning and Leadership | Minecraft: Education Edition at India’s Sat Paul Mittal School

Sat Paul Mittal School is a Microsoft Showcase School in Ludhiana in Punjab, India. When a chance mention of Minecraft on a Skype call piqued their students’ interest, they took a chance on game-based learning. Head of IT Monica Joshi tells the story of how, in just two short years, Minecraft: Education Edition became a mainstay for creative, cross-curricular learning. At Sat Paul Mittal School, we wanted an environment that was conducive to engaging our students constructively while also paying considerable attention to students with special needs, so we tried game-based learning using Minecraft to attract and sustain their attention....

The post Creative Learning and Leadership | Minecraft: Education Edition at India’s Sat Paul Mittal School first appeared on Microsoft EDU.

Posted at https://sl.advdat.com/3sQkwoFhttps://sl.advdat.com/3sQkwoF

Joint NSA and CISA Guidance on Strengthening Cyber Defense Through Protective DNS

Original release date: March 4, 2021

The National Security Agency (NSA) and CISA have released a Joint Cybersecurity Information (CSI) sheet with guidance on selecting a protective Domain Name System (PDNS) service as a key defense against malicious cyber activity. Protective DNS can greatly reduce the effectiveness of ransomware, phishing, botnet, and malware campaigns by blocking known-malicious domains. Additionally organizations can use DNS query logs for incident response and threat hunting activities.

CISA encourages users and administrators to consider the benefits of using a protective DNS service and review NSA and CISA’s CSI sheet on Selecting a Protective DNS Service for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted at https://sl.advdat.com/3sObuZh